Contents
1.Using su command
Not required if root password is set at the time of installation
If you set a root password, set it as follows
Log in as a general user
|
1 2 3 4 5 6 7 8 9 10 11 12 |
huong@localhost:~>sudo passwd root We trust you have received the usual lecture from the local System Administrator. It usually boils down to these three things: #1) Respect the privacy of others. #2) Think before you type. #3) With great power comes great responsibility. [sudo] password for root: New password: Retype new password: passwd: password updated successfully |
|
1 2 3 |
huong@localhost:~>su – Password: <Password for root user set above> localhost:~ # |
2. Modernize the system
To modernize the system, enter the following command
|
1 |
# zypper -n update && reboot |
3.locate Install
The find command is used to search for a specific file on the entire Linux system, but find's options are somewhat confusing.
In such cases, it is useful to have the locate command available, which can extract all files with a given filename
Install
|
1 |
# zypper -n install mlocate |
Create database
|
1 |
# updatedb |
Example of executing the locate command
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 |
# locate sshd /etc/pam.d/sshd /etc/ssh/sshd_config /etc/sysconfig/SuSEfirewall2.d/services/sshd /etc/systemd/system/multi-user.target.wants/sshd.service /usr/lib/systemd/system/sshd.service /usr/lib/sysusers.d/sshd.conf /usr/lib64/ruby/gems/2.5.0/gems/ruby-augeas-0.5.0/tests/root/etc/ssh/sshd_config /usr/sbin/rcsshd /usr/sbin/sshd /usr/sbin/sshd-gen-keys-start /usr/share/YaST2/scrconf/etc_ssh_sshd_config.scr /usr/share/apparmor/extra-profiles/usr.sbin.sshd /usr/share/augeas/lenses/dist/sshd.aug /usr/share/man/man5/sshd_config.5.gz /usr/share/man/man8/sshd.8.gz /usr/share/vim/vim90/syntax/sshdconfig.vim /var/lib/sshd /var/lib/sshd/is-enabled.rpmtmp |
4. Services suspended due to security measures
Services that are considered unnecessary are stopped and kept stopped after rebooting
|
1 2 3 4 5 6 7 8 9 10 |
# systemctl stop auditd.service # systemctl disable auditd.service # systemctl stop mdmonitor.service # systemctl disable mdmonitor.service # systemctl stop smartd.service # systemctl disable smartd.service # systemctl stop tuned.service # systemctl disable tuned.service # systemctl stop dm-event.socket # systemctl disable dm-event.socket |
5. Vim Installation and Configuration
5.1. Install
|
1 |
# zypper install vim |
5.2. Setting
①Apply command aliases as your own user-specific environment
|
1 2 3 |
# vi ~/.bashrc # Alias appended to the last line alias vi='vim' |
# Reflects changes
|
1 |
# source ~/.bashrc |
②Vim configuration
Apply to individual users. If you want to apply it to all users, put it in "/etc/vimrc".
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 |
# vi ~/.vimrc " Use vim's own extensions (not compatible with vi) set nocompatible " Specify character code set encoding=utf-8 " Specify file encoding set fileencodings=utf-8,iso-2022-jp,sjis,euc-jp " Specify the line feed code to be automatically recognized set fileformats=unix,dos " Obtain a backup "The opposite is[ set nobackup ] set backup " Specify the directory from which to obtain backups set backupdir=~/backup " Specify the directory from which to obtain backups set backupdir=~/backup " Number of generations to keep search history set history=50 " Do not distinguish between upper and lower case letters when searching set ignorecase " Mixing capital letters in search terms makes the search case sensitive set smartcase " Highlight words matching your search term "The opposite is[ set nohlsearch ] set hlsearch " Use incremental search "The opposite is [ set noincsearch ] set incsearch " Display line numbers "The opposite is [ set nonumber ] set number " Visualize line breaks ( $ ) and tabs ( ^I ) set list " Highlight corresponding parentheses when typing parentheses set showmatch " No newlines at the end of files set binary noeol "Enable automatic indentation "The opposite is [ noautoindent ] set autoindent " Color-coded display by syntax "The opposite is [ syntax off ] syntax on "Change color of comment text in case of [ syntax on ] highlight Comment ctermfg=LightCyan " Wrap lines by window width "The opposite is [ set nowrap ] set wrap |
6. Network Settings
6.1 Host name and static IP address settings
・Changed host name to Lepard
・Fixed IP address (192.168.11.83)
First, find out the name of your network interface with the following command
This time it is "eth0"
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 |
# ip addr 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether 00:0c:29:d3:68:5d brd ff:ff:ff:ff:ff:ff altname enp2s1 altname ens33 inet 192.168.11.10/24 brd 192.168.11.255 scope global eth0 valid_lft forever preferred_lft forever inet6 fe80::20c:29ff:fed3:685d/64 scope link valid_lft forever preferred_lft forever |
In most cases, the router's address is "192.168.11.1", "192.168.0.1.", and so on.
We will use "192.168.11.1" as an example.
|
1 |
# yast |
Select "System" → "Network Settings" in the initial yast menu.
"Network Settings" → "OverView" → "Edit"
"Network Card Setup" "Statically Assigned IP Address" check
IP Address : 192.168.11.83
Subnet Mask : /24
Hostname : Lepard
”Network Settings" "Hostname/DNS"
Static Hostname : Lepard
Set Hostname via DHCP : no
Name Server 1 : 192.168.11.1(Router Address)
”Network Settings" "Routing"
Enable IPv4 Fowarding : check
Gateway : 192.168.11.1(Router Address)
[OK]click、system reboot
6.2 IPv6 invalidate
|
1 2 3 4 |
# vi /etc/default/grub # Line 12: Add GRUB_CMDLINE_LINUX="ipv6.disable=1" |
# Reflects changes
|
1 2 3 4 5 6 7 8 |
# grub2-mkconfig -o /boot/grub2/grub.cfg Generating grub configuration file ... Found theme: /boot/grub2/themes/openSUSE/theme.txt Found linux image: /boot/vmlinuz-5.14.21-150500.53-default Found initrd image: /boot/initrd-5.14.21-150500.53-default Warning: os-prober will be executed to detect other bootable partitions. Its output will be used to detect bootable binaries on them and create new boot entries. done |